Oh, right. OK, I think I know what is going on.
If the project seems like it has branch level read permissions, it
denies older clients from fetching it over HTTP, because with the
older clients the server can't ensure the client is permitted to
access any particular resource. So we just blanket deny them.
Do you have any branch level READ (+1 or +2) permissions in the
project, or in any project it inherits from like -- All Projects --?
> Newer msysgit (worked before upgrade) shows this on client:
> error: RPC failed; result=22, HTTP code = 503
> this on server:
> 195.37.114.122 - - [25/Jun/2010:19:49:21 +0000] "GET
> /p/partners/unccd-prais/info/refs?service=git-upload-pack HTTP/1.1" 200
> 10593 - "git/1.7.0.2.msysgit.0.14.g956d7"
> 195.37.114.122 - - [25/Jun/2010:19:49:22 +0000] "POST
> /p/partners/unccd-prais/git-upload-pack HTTP/1.1" 200 - -
> "git/1.7.0.2.msysgit.0.14.g956d7"
I don't see how these correlate. The client says 503, but the server
log says 200. I don't think you are looking at the correct log
records here. Or, somebody isn't reporting accurately.
> Anybody else seeing this with 2.1.3?
It does work on at least one 2.1.3 install, with a newer Git client.
http://egit.eclipse.org/r/ is a 2.1.3 server behind mod_proxy.
$ git clone http://egit.eclipse.org/r/p/jgit.git tmp_jgit_2
Cloning into tmp_jgit_2...
remote: Counting objects: 5347, done
remote: Compressing objects: 100% (5347/5347)
Receiving objects: 100% (5347/5347), 2.48 MiB | 875 KiB/s, done.
Resolving deltas: 100% (2586/2586), done.
Ok, so I went back and looked at the code. We just disable support
for the older clients. It doesn't matter what the project access
controls say, its just disabled. According to git blame, that dates
back to the introduction of /p/ support, in Gerrit 2.1.2, and the
related code hasn't been touched since.
So, we've never supported the older clients. Its at least not a regression.
Ouch.
> Longer answer:
> The insane condition with the client reporting 503 and the server reporting
> 200 really happens with OpenJDK and 2.1.3, and right on up to git 1.7.1 on
> the client.
This shouldn't happen.
> If OpenJDK compatibility is a desirable thing, I'm happy to set this up
> reproducibly and do some further analysis on the crazy behavior. But I'm
> not too fussed about it myself.
It is. We should be able to run on OpenJDK. But I suspect almost
everyone runs on the Sun JDK, and that's why we have never noticed
this. Its probably not a JGit or Gerrit Code Review issue, but a
problem with Jetty on OpenJDK, possibly caused by the way OpenJDK
implements NIO?
I don't have the time to do the legwork to figure out what is wrong
with OpenJDK here. But if someone else manages to understand the
problem and can point me in the right direction, I can try to get it
fixed.
Oh, that could be the cause, I forgot we had bumped up to a newer Jetty. :-)
> What I'll do is clone my Gerrit instance and run a copy
> in OpenJDK, then do a little comparative wiresharking to see what's really
> going on, which might give me a hint. I can revert Jetty pretty easily.
Thanks. Let us know if you learn anything interesting.
> Lazyweb question: does Gerrit already have an easy way to dump
> request/response guts? I'm looking for a way to spot any overt discrepancy
> between what's arriving in / sent from Gerrit vs. what's actually being
> transmitted on the wire.
Unfortunately, no.